Threat Modelling for Developers training course

• Gain an overview of secure SDLC and understand how Threat Modelling fits in
• Understand where and how Agile Architecture fits in
• Gain an introduction to several common security classification systems
• Define elements of software that are security concerns
• Explore Threat Model types
• Utilise Traditional threat model process
• Discover Dependencies with Mini Lab
• Understand Rapid Threat Model prototyping process
• Apply Zones of Trust and using Zone rules to find threats
• Understand how to quickly classify threats
• Learn Mitigation analysis
• Integrate RTMP in an Agile/DevOps process
• Convert risks into backlog items
• Learn Validation and triaging of threats
• Explore Lab – threat modelling an internal system
• Identify Vulnerabilities and tackle them with Threat Models

Threat modelling is a process to identify security weaknesses in software design and architecture, and define countermeasures that mitigate the malicious effects of the discovered weaknesses Threat modelling is a process to identify security weaknesses in software design and architecture, and define countermeasures that mitigate the malicious effects of the discovered weaknesses before any code is cut.
 
Our training course is designed for software developers and architects in mind. Threat modelling is language-agnostic. It can be easily used for any software development project and with any modern workflow such as Agile or DevOps. The analysis work is done on the design of the software system in order to improve the quality of the code that will be delivered in-sprint.
 
You will learn how to address security design concerns faced by software development teams with a combination of teaching modules and practical threat model exercises. The participants will be encouraged to work in teams, to foster discussions on how to implement security controls for the modelled threats on their software architecture.
 
All key stakeholders in an Application Development workflow should know how to assess the weak points in their systems and what questions to ask. The course will provide a framework to assess these questions and will yield immediate beneficial results.
 
The JBI THREAT MODELLING FOR DEVELOPERS TRAINING COURSE uses the Rapid Threat Model Prototyping methodology (RTMP).  RTMP enables a development team to seamlessly integrate threat modelling with existing Agile / DevOps  workflows.
 
You will learn a practical overview of the necessary disciplines for resolving application architecture and design issues according to OWASP good security practices.
 
We aim to instill skills which allow you to perform rapid threat modelling in a Consistent, Repeatable and Measurable manner.